Symantec is recommending that users of its pcAnywhere software disable the product following the theft of source code from the US computer security firm.

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," the Mountain View, California-based company said.

Symantec, in a technical white paper posted on the firm's website, said the vulnerability to pcAnywhere, which allows for remote PC to PC connections, is the result of a 2006 theft of source code by hackers.

"We believe that source code for the 2006-era versions of the following products was exposed: Norton Antivirus Corporate Edition; Norton Internet Security; Norton SystemWorks (Norton Utilities and Norton GoBack); and pcAnywhere," Symantec said.

The only identified threat, however, is to pcAnywhere and not any of the Norton products.

"With this incident pcAnywhere customers have increased risk," Symantec said. "Malicious users with access to the source code have an increased ability to identify vulnerabilities and build new exploits."

Symantec's recommendation follows a threat this month by hackers in India to publish the stolen source code.

Users warned to disable access software
Mountain View, Calif. (UPI) Jan 26, 2012 –

U.S. company Symantec has warned users of its remote access program pcAnywhere to disable it while it fixes vulnerabilities linked to theft of its source code.

The company says the source code for the program, which provides users remote access to their personal computers, was stolen by the hacktivist group Anonymous, PC Magazine reported Thursday.

"Upon investigation of the claims made by Anonymous regarding source code disclosure, Symantec believes that the disclosure was the result of a theft of source code that occurred in 2006," Symantec said in a statement.

"Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks."

Malicious users with access to the source code could use it to create computer attacks that could expose authentication and session information, Symantec said.